Wireless communication systems are especially vulnerable to security-related attacks. Potentially, any device within radio range of a transmitter can intercept transmitted message without being detected by the transmitter or intended recipient(s). Conversely, any device may transmit to any other device that is within range. Therefore, “rogue” devices may mimic legitimate users of the wireless system in order to steal information or services and disrupt the intended use of the communications systems. Security related exposures include but are not limited to theft of information and services and denial of services for legitimate system users.
Cryptography is often used to improve wireless security. Encryption keys known only to legitimate users of the system are used to establish trusted relationships and/or to protect wireless communications. Encryption keys are distributed to legitimate devices using a secure channel. The user may manually enter an encryption key(s) into a device using a keypad or other entry method. Another method involves establishing a temporary wired communications channel for conveying the encryption key(s). Yet another approach uses a portable storage device to transfer encryption key(s) from one device to another.
The manual entry of encryption keys requires a keypad, which increases device costs. It is not practical to integrate a keypad into certain types of devices, such as a computer mouse. In addition, manual entry is error prone and inconvenient to the user.
The use of portable storage devices eliminates human errors from manual entry of encryption keys but increases the cost of devices that otherwise do not require the capability. In addition, the mechanical and physical access requirements associated with providing such capability can be a problem with some wireless devices, e.g. a mechanical connector and insertion slot is required with many types of portable storage devices. Furthermore, while portable storage devices are often more convenient than manual entry, they still require the user to perform several steps correctly and are still subject to human error.
Wired communications increases device cost and can be inconvenient to the user due to the need to configure the devices for the wired connection.
Therefore, it would be desirable to have a method for establishing a secure wireless channel between devices without requiring cryptography.